package com.example.springboot.oauth2.controller;

import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RestController;

/***/
@RestController
@RequestMapping("/secure")
public class SecureAdminController {

    @PreAuthorize("hasRole('ROLE_ADMIN')")//只允许admin角色访问
    @RequestMapping(value="/a", method = RequestMethod.GET)
    public String sayHello() {
        return "Secure Hello access to rose admin !>>>"+System.currentTimeMillis();
    }

    //允许任意角色访问
    @RequestMapping(value="/go", method = RequestMethod.GET)
    public String saySomething() {
        return "Secure saySomething access to >>>"+System.currentTimeMillis();
    }

}
